Hey all, With regard to the clusterrole command, let's say I have created a serv . . .

kodekloud · March 19, 2022, 3:54am

Ryebridge:
Hey all,
With regard to the clusterrole command, let’s say I have created a service account in namespace red then granted permission for my resources as follows:

kubectl create clusterrole deploy-clusterrole --verb=create --resource=deployments,statefulsets

Then bind the SA like:

kubectl create rolebinding deployment-clusterrole --clusterrole=deploy-clusterrole --serviceaccount=default:satarget --namespace=red

Wouldn’t the following command have the same effect (so no need to supply namespace option) ?

kubectl create rolebinding deployment-clusterrole --clusterrole=deploy-clusterrole --serviceaccount=red:satarget

kodekloud · March 19, 2022, 3:54am

Swapnil S:
As per 3rd mock test’s solution video, this looks right to me.

kodekloud · March 19, 2022, 3:54am

Ryebridge:
Thanks, question was more along the lines of what’s the difference? Do we really need to use —namespace if we use it like red:satarget

kodekloud · March 19, 2022, 3:54am

Swapnil S:
As per my understanding, no need to use --namespace

kodekloud · March 19, 2022, 3:54am

Lisenet:
The first command will create a rolebinding entry in the red namespace. The second command will create a rolebinding entry in the default namespace.

kodekloud · March 19, 2022, 3:54am

Lisenet:
Just FYI, a rolebinding is namespace scoped. Clusterrolebinding is cluster scoped, where you don’t need to specify a namespace.